Build DigitalOcean Load Balancer configurations with forwarding rules and health checks.
Last verified: May 2026
Build DigitalOcean Load Balancer configurations with forwarding rules, health checks, sticky sessions, and SSL termination.
Required Fields
nameregionforwarding_ruleshealth_checkOutput will appear here...The builder collects the load balancer name, region, algorithm (round-robin or least-connections), backend selection method (tag or Droplet ID list), forwarding rules (entry protocol/port → target protocol/port), health check parameters, and TLS settings. It validates the combination — e.g., HTTPS forwarding requires a certificate ID, sticky sessions are valid only on HTTP/HTTPS — then emits a complete `digitalocean_loadbalancer` Terraform block.
DigitalOcean Load Balancers handle TCP, HTTP, and HTTPS termination with health checks, sticky sessions, and Let's Encrypt-issued certificates. The DO Load Balancer Config Builder generates a complete configuration — forwarding rules, health check parameters, backend Droplet tags, and TLS settings — with sensible defaults for common patterns (HTTPS with HTTP-to-HTTPS redirect, WebSocket-friendly idle timeouts, gentle health check thresholds). Output is Terraform `digitalocean_loadbalancer` or doctl-ready.
Your team launches a new public API and points DNS at a fresh DO load balancer. Within an hour, monitoring shows 5% of requests failing with 504. You realize the load balancer's default 30-second idle timeout is closing connections during long-running report endpoints. Using the builder, you regenerate the config with a 120-second idle timeout and adjusted health check interval, apply the Terraform, and the 504s stop within a minute as the new config takes effect.
Set idle timeout to at least 60 seconds for WebSocket and SSE workloads. The default 30-second timeout closes long-lived connections and looks identical to a flapping backend from the client's perspective.
If your app's /health endpoint is expensive (hits the database, makes outbound calls), the health checker will hammer it at the configured interval and contribute meaningfully to load. Use a cheap /healthz that returns 200 once the process is alive and willing to serve traffic.
Yes. You can upload a custom certificate (and intermediate chain) to DigitalOcean's certificate store and reference it from the load balancer config, or you can let DigitalOcean issue and rotate a Let's Encrypt certificate automatically. Let's Encrypt is simpler but only supports HTTP-01 validation against the domain, so the DNS must point at the load balancer first.
Health checks run continuously against each backend Droplet. A backend is marked unhealthy after `unhealthy_threshold` consecutive failures (default 3) and removed from rotation. It is restored after `healthy_threshold` successful checks (default 5). For deploys, set the unhealthy threshold loose enough that brief redeploys don't pull a node out unnecessarily, and the healthy threshold strict enough to confirm full readiness.
Was this tool helpful?
Disclaimer: This tool runs entirely in your browser. No data is sent to our servers. Always verify outputs before using them in production. AWS, Azure, and GCP are trademarks of their respective owners.